Bookmark and Share

Author Topic: Port forwading not working anymore. ASUS RT-N12D1  (Read 809 times)

0 Members and 1 Guest are viewing this topic.

Offline Hyldran0

  • PcWinTech Full Member
  • **
  • Join Date: Jun 2011
  • Posts: 160
  • Karma: 0
Port forwading not working anymore. ASUS RT-N12D1
« on: February 01, 2018, 04:28:15 PM »
Hello,

Damn, It's been a while since i was on these forums in need of help!

But once again i got network issues.
Im home hosting a Game Server with only one port needing to be forwarded and its 30120. It's a GTA V FiveM Server. I got Fiber 100/100 at home with a great Asus RT-N12D1 Router.
I've been hosting other servers that needed port forwarding before here at home with the same setup.

My Windows Firewall is on and I've added the port 30120 in the firewall both TCP and UDP.
My Asus Router Firewall is on and DoS Protection and DMZ is off.
I've tried Asus firewall off aswell.

I use a portchecker to see if it's open and i've also asked friends to try to connect to the server. still nothing.
A few days ago i actually had it working. Now it's not And i've done nothing.

Well today for the last hour or two i've been researching my own on where the problem might be.
I updated the router firmware, still not working. I also did a factory reset. still not working. I've restarted the Router and PC and waited 5-10 mins after the port forward was made. Still nothing.
https://imgur.com/a/p2wSx <--- Here is a pic inside my router and it's port forwarding page.

The Ip is from this PC im hosting from, i got it from CMD --- Ipconfig.

im pretty furious. Cause It has been working before, and worked a day ago or two!

I hope i can get the help i need! :)

I hope someone might know the cause!

Thanks so much in advance and thanks for reading!


Regards
Timmie

PcWinTech.com Forums

Port forwading not working anymore. ASUS RT-N12D1
« on: February 01, 2018, 04:28:15 PM »

Offline trpted

  • PcWinTech Guru
  • ******
  • Join Date: Sep 2011
  • Posts: 1,142
  • Karma: 37
Re: Port forwading not working anymore. ASUS RT-N12D1
« Reply #1 on: February 01, 2018, 06:11:37 PM »
#1 Info part one

a) Go to http://ipv4.whatismyv6.com/

b) On that web page is the non bogan IPv4 (Public) Address that users from Internet use to connect to you.

c) In your router, somewhere in there you must have the same non bogan IP Address.

Example non bogan IP Address is 999.888.777.666, but in the router the WAN IP is 10.0.0.100 - this is not ok.

d) Important note: This is not to say that the non bogan IP Address has to be Static.

Example yesterday's IP Address was 999.888.777.666 and today's IP Address is 999.888.777.555 - this is ok.

Since you posted what the brand and model of your NAT Router is...

..a) The WAN IP of the router will be at the home page (first page that you see after you go to the Default Gateway LAN IP.)

..b) Will look something like http://event.asus.com/2012/nw/dummy_ui/en/index.html

#2 Info part two

As how to check what the IP Address is/are, Subnet Mask is/are, Default Gateway is, MAC Address(es) is/are, DNS Server(s) are of your computer, it depends on the OS and Version.

Note: This example assumes that you are on Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8 or Windows 10

a) Press the Windows Start key to open the Start screen.

b) Type cmd and press Enter to launch the command prompt.

Note: You do not need to click on anything on the Start screen—typing will automatically initiate a program search.

c) Type ipconfig /all

 at the command prompt to check the network card settings.

d) If not on Windows 2000, Windows XP, Windows Vista, Windows 7, Windows 8 or Windows 10 and you do not know how to check that network info - then post what is your OS and Version is.

e) You need to make sure that the Default Gateway on your computer is the same LAN IP as your NAT router.

#3 Info part three:

If the non bogan IP Address is not the same IP Address (keep in mind it does not have the Static), one of the reasons why that could happen is CGNAT/NAT444/LSN is present.

If you want more details about CGNAT/NAT444/LSN, you can look at

http://en.wikipedia.org/wiki/Carrier-grade_NAT

c) The possible fixes to fix your issue if CGNAT/NAT444/LSN is present.

#1 Have them in their NAT router forward the ports to the IP of your router..

#2 Upgrading the type of plan that you are on with your ISP so that you get a non bogan IP Address.

For example if you are a Residential Service Plan, consider going to a Business Service Plan.

#3 Consider switching to another ISP that can give you you a non bogan IP Address.

#4 For the long term future, get IPv6 working.
----

#4 Info part four, if manually forwarding (or wish to adjust the settings) and if asked for a remote/source IP Address it goes like this.

a) Let us say that the fictional IP Address of 999.888.777.666 existed ( I can assure it does not as IPv4 is only 0.0.0.0 to 255.255.255.255 and IPv6 is all hex with colons between ), it was mine, I did not share my connection with others (parents/son/daughter), and you wanted to only allow me to connect through your router to your computer - then it case you would type in 999.888.777.666

b) If you do not want to only allow only a certain IP Address (OR IP Address Range) to connect to you, it has to be either blank (not filled in) OR if you can not leave it blank then it has to be 0.0.0.0.

#5 Info part five:

When forwarding manually remember to forward to your local IP Address, that is unless you are trying to forward some other computer (example to Xbox)

So if you get output...

IP Address 192.168.1.6
Subnet Mask 255.255.255.0
Default Gateway 192.168.1.1
At least one DNS 192.168.1.1

-> you would forward to 192.168.1.6

#6 Info part six:

a) From DSLR (dslreports.com) -> Forums -> Broadband and Networking -> Networking -> How to know if ports are reaching my computer from outside the post by DSLR user mackey (user # 1479488) on 2015-Sep-24 at 8:05 pm - if you wanted to test port 5154, besides using an inbound client side port checker:

Quote
Run tcpdump (`tcpdump -p -n -i <interface> port 5154` would be a good command to start with). If you see incoming TCP SYN packets (not SYN/ACK), or incoming UDP packets from an IP which did not have an outgoing packet first, then the port is open.


b) For tcpdump on Windows I found this info https://uwnthesis.wordpress.com/2014/05/26/windump-how-to-use-windump-tcpdump-on-windows-7-the-visual-guide/

#3 For a TCP and a UDP port checker you can use http://www.base64online.com/port-check.php

#4 Using a packet sniffer (like tcpdump = command line / like wireshark = GUI) you should see the traffic from an outside IP address reaching your computer, like I did (when you are forwarding the ports to your computer).

Code: [Select]
    user-name@pc-name:~$ tcpdump -p -n -i eth0 port 5154
    tcpdump: eth0: You don't have permission to capture on that device
    (socket: Operation not permitted)
    user-name@pc-name:~$ sudo tcpdump -p -n -i eth0 port 5154
    [sudo] password for user-name:
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
    08:40:24.169428 IP 192.168.2.138.50157 > 192.168.2.255.5154: UDP, length 6
    08:42:15.839461 IP 4.79.142.206.37174 > 192.168.2.138.5154: Flags [S], seq 1464127243, win 8192, options [mss 1460], length 0
    08:49:05.773987 IP 90.145.69.116.51145 > 192.168.2.138.5154: UDP, length 0
    08:49:06.938818 IP 90.145.69.116.36530 > 192.168.2.138.5154: UDP, length 0
    08:57:57.580814 IP 198.199.98.246.42092 > 192.168.2.138.5154: Flags [S], seq 3027635480, win 14600, options [mss 1460,sackOK,TS val 4240686068 ecr 0,nop,wscale 8], length 0
    08:57:57.712334 IP 198.199.98.246.42093 > 192.168.2.138.5154: Flags [S], seq 1267700791, win 14600, options [mss 1460,sackOK,TS val 4240686102 ecr 0,nop,wscale 8], length 0
    08:57:57.840328 IP 198.199.98.246.42095 > 192.168.2.138.5154: Flags [S], seq 1515263633, win 14600, options [mss 1460,sackOK,TS val 4240686134 ecr 0,nop,wscale 8], length 0
    ^C
    7 packets captured
    7 packets received by filter
    0 packets dropped by kernel
    user-name@pc-name:~$



#5 Some notes about my testing..

a) 192.168.2.138.50157 is from this same computer.

b) As noted at grc.com -> Services -> Shield's Up they own 4.79.142.192 -thru- 4.79.142.207.

c) I believe 198.199.98.246 is from http://www.yougetsignal.com/tools/open-ports/ as it only checks TCP ports.

d) As you can see, I checked port 5154.

#6 The only UDP ports that grc.com checks, that I know of, are:

a) DNS (53) grc.com -> Freeware -> Utilities -> DNS Benchmark -> DNS Spoofability Test Introduction (or grc.com -> Services -> DNS Spoofability Test)

b) Universal Plug n'Play (UPnP) = 1900

https://www.grc.com/port_5000.htm

From grc.com -> Services -> Shield's Up: Click on Proceed and then GRC's Instant UPnP Exposure Test.

#7 Info part 7, after you get the ports the ports forwarded in the router:

Info - Part a)

Here are some notes about listening:

Quote

a) If you are on Windows I point you to http://www.howtogeek.com/howto/28609/how-can-i-tell-what-is-listening-on-a-tcpip-port-in-windows/

b) If you are not on Windows (Mac, Unix/Linux), go look lookup listen on port and then your OS name using Google (or your other favorite search engine).

c) If nothing is listening any TCP ports that you check with a web based port checker, then TCP ports does not show up as open.

d) Be advised that you can not have two servers listening on the same the port on the same computer. So for example before you use an inbond-client side port checker you must make sure that uTorrent is not running - which explains on http://portforward.com/softwareguides/utorrent/utorrent.htm that they say

Quote
If uTorrent is currently open, you will need to completely close it at this time. Make sure that the green uTorrent icon is not still hiding in your notification area (next to your clock). If it is, right click on it and choose "Exit". Before moving forward to things like selecting torrents, seeders, and leachers, we need to verify that your port is open. We recommend downloading our free Open Port Check Tool to test if incoming connections are being allowed through your router on your uTorrent Listening Port

e) And generally if the program/app is running that you are trying to forward for, then the server is listening.

Info - 7 Part b)

Here are some catches about ping:

a) If the server that you forwarded requires that you reply to ping, well then you must enable responding to ping in the router.

b) If the server that you forwarded does not require that you reply to ping, well that depends on another factor..

As to what that other factor is, I point to and quote the post by nwrickert (DSLR user #1070900) in DSLR (dslreports.com) Forums >Broadband Tech > Security > Security > DMZ and portforwarding are equally dangerous? on 2010-08-21 at 13:53:23.
Quote
Quote
While he tells people that responding to ping is dangerous, he replys to ping.

That's a pretty minor point. The reason some people prefer to not respond to ping, is to avoid demonstrating their presence on the net. Gibson has a public site whose presence on the net is well known, so that reason for not responding to ping simply does not apply.

While Steve Gibson does sometimes say some useful things, he mostly seems to be making mountains out of molehills

Note: Sorry for my misspelling, I meant replies.

c) There are certain troubleshooting tools that require that you reply to ping.

For example if you wanted to use the followings tool(s) at DSLR (dslreports.com) -> Tools: Smokeping, Line quality - Ping Test, and for 24x7 Line Monitoring...

#4 If the ports are open (this means not just in the router) but the program/app does not work: I have an odd feeling that with this server, you must reply to ping.

Info - 7 Part c:

You must provide to users from the outside either your non bogan IP Address or DDNS.

What DNS is, here is the simple as possible version as how it works.

Quote
I know of a given domain name. What is their IP Address for that domain?

The first D in DDNS means/allows you to have a domain name the follows your non static non bogan IP Address. Which is a lot easier to provide and normally most people use DNS over the IP Address for the content servers that they want to connect to.. ;)

Info - 7 part d:

If you do not see the non bogan IP Address anywhere in the your router it's screens, it first matters what the WAN IP Address in the router is:

a) From 100.64.0.0 - 100.127.255.255, then CGNAT/NAT444/LSN is present (See fix above if the case).

b) From 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is a RJ-45 WAN port router:

Step 1: Physically find your NAT Router

Step 2: Find the WAN port of it.

Info: WAN port could be called Internet or To Modem or To ONT port.

Step 3: Report back what the brand and model of the device that is connected at the other end of the wire that is connected to the WAN port of the NAT router.

c) From 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is NOT a RJ-45 WAN port router, then CGNAT/NAT444/LSN is present (See fix above if the case).

d) If from 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and if your NAT router is a gateway NAT router, it matters how it is connected to the Internet (RJ-45 WAN port or acting a modem combo).

e) If from 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255 OR from 192.168.0.0 to 192.168.255.255 and you do not know the type of NAT router yours is, it would help to know the brand and model it is - if you did not post already.

f) If the WAN IP was not any of those, it would be a good idea to check to see how the non bogan IP Address is not the same (and not NAT). If you need help finding why that is, you are to asking for help doing so.

-> Since you posted what the brand and model of your NAT Router is, it is a RJ-45 WAN Port NAT Router.
Private messages (PM) are not for support questions or for hints to not yet answered topics. The PMs are basically for confident conversation between the users, off the forum.

Offline Hyldran0

  • PcWinTech Full Member
  • **
  • Join Date: Jun 2011
  • Posts: 160
  • Karma: 0
Re: Port forwading not working anymore. ASUS RT-N12D1
« Reply #2 on: February 02, 2018, 02:17:06 AM »
wow this was LOTS of info i have no idea what to do with or even start :P

Offline trpted

  • PcWinTech Guru
  • ******
  • Join Date: Sep 2011
  • Posts: 1,142
  • Karma: 37
Re: Port forwading not working anymore. ASUS RT-N12D1
« Reply #3 on: February 02, 2018, 12:46:50 PM »
#1 Start with WAN IP matches what the true WAN IP is right now (even if it is not static).

#2 Then if not the same, go on what the IP Address Range rules.

a) 100.64.0.0 - 100.127.255.255 = ISP NAT

b) 10. anything, 192.168. anything, 172.16. anything to 172.31. anything = checking what is connected to the WAN / Internet / To Modem / To ONT - Port of the ASUS is.

c) Not any of those, find out what is causing that.

#3 Then go from there..
Private messages (PM) are not for support questions or for hints to not yet answered topics. The PMs are basically for confident conversation between the users, off the forum.

Offline Hyldran0

  • PcWinTech Full Member
  • **
  • Join Date: Jun 2011
  • Posts: 160
  • Karma: 0
Re: Port forwading not working anymore. ASUS RT-N12D1
« Reply #4 on: February 02, 2018, 04:18:36 PM »
I dont know what i did, but now all of the sudden it works again :)

PcWinTech.com Forums

Re: Port forwading not working anymore. ASUS RT-N12D1
« Reply #4 on: February 02, 2018, 04:18:36 PM »

 

email